package model.environment;

import javax.servlet.http.HttpSession;

import model.Customer;
import model.XML;

import org.jdom.Document;

public class Login {
	private static final String[] administratorWhitelist = {
		"Erik",
		"agb",
		"martin91",
		"martinlt",
		"ApocalypseDemo" // Demo account password is: "demopass"
	};
	
	/**
	 * Checks if a customer's username and password is valid.
	 * @param username The username to check.
	 * @param password The password to check.
	 * @return -1 if the login is invalid, otherwise the customer's id.
	 */
	public static Customer checkLogIn(String username, String password) {
		String loginURL = "http://services.brics.dk/java4/cloud/login";
		
		try {
			Document loginXML = XML.createLoginElement(username, password);
			Document response = XML.postXML(loginXML, loginURL);
			
			Customer c = XML.getLoginResponse(response);
			
			if (c.getCustomerID() == 0 || c.getCustomerName() == null)
				return null;
			
			return c;
		} catch (Exception e) {
			// Most likely due to 403 - forbidden (invalid login).
			return null;
		}
	}
	
	/**
	 * Logs the user out. And invalidates the entire session, therefore also removing any trace of a basket etc. in the session. 
	 * @param session The user's session.
	 */
	public static void logout(HttpSession session) {
		session.invalidate();
		//session.setAttribute("login_customer", null);
	}
	
	/**
	 * Attemps to log a customer in.
	 * @param name The customer's name.
	 * @param pass The customer's password.
	 * @param session The customer's session.
	 * @return True if the customer was logged in, false if otherwise.
	 */
	public static boolean doLogin(String name, String pass, HttpSession session)
	{
		Customer c = checkLogIn(name, pass);
		
		if (c != null)
		{
			setLoggedInCustomer(c, session);
			return true;
		}
		
		return false;
	}
	
	/**
	 * Sets the session's customer login.
	 * @param c The session's customer.
	 * @param session The session.
	 */
	private static void setLoggedInCustomer(Customer c, HttpSession session) {
		session.setAttribute("login_customer", c);
	}
	
	/**
	 * Checks if a session is logged in.
	 * @return True if the session is logged in, false if not.
	 */
	public static boolean isLoggedIn(HttpSession session)
	{	
		Customer c = (Customer) session.getAttribute("login_customer");
		
		if (c == null || c.getCustomerID() == 0 || c.getCustomerID() == -1 || c.getCustomerName() == null || c.getCustomerName().equals(""))
			return false;
		
		return true;
	}
	
	/**
	 * Chekcs if the session is administrator.
	 * @return True if the session is administrator, false if not.
	 */
	public static boolean isAdministrator(HttpSession session) {
		if (isLoggedIn(session) == false)
			return false;
		
		String loginName = getLoginName(session);
		
		for (String s : administratorWhitelist) {
			if (loginName.equals(s))
				return true;
		}
		
		return false;
	}
	
	/**
	 * Gets a session's login name.
	 * @param session The session.
	 * @return The session's login name.
	 */
	public static String getLoginName(HttpSession session)
	{
		try {
			Customer c = (Customer)session.getAttribute("login_customer");
			
			return c.getCustomerName();
		}
		catch (Exception e)
		{
			return null;
		}
	}
	
	/**
	 * Gets a session's login id (customer id).
	 * @param session The session.
	 * @return The session's login id (customer id).
	 */
	public static int getLoginID(HttpSession session) {
		try {
			Customer c = (Customer) session.getAttribute("login_customer");
			
			return c.getCustomerID();
		} catch(Exception e) {
			return 0;
		}
	}

	/**
	 * Attempts to create a user/customer.
	 * @param username The new user's username.
	 * @param password The new user's password.
	 * @return True if succesfull, false if not.
	 */
	public static boolean createUser(String username, String password) {
		String url = "http://services.brics.dk/java4/cloud/createCustomer";
		
		Document d = XML.createCreateCustomerElement(username, password, StaticInfo.SHOP_KEY);
		
		try {
			Document response = XML.postXML(d, url);
			
			return XML.getCreateUserResponseCustomerID(response) != 0;
		} catch (Exception e) {
			return false;
		}
	}
}
